Skip to main content
CVE-2019-16508 HIGH POC This Week

The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Integer Overflow Buffer Overflow Chrome Os
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-8291 HIGH POC This Week

Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Online Store System
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2019-14960 HIGH This Week

JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Rider
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-17075 HIGH This Week

An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
7.5
EPSS
6.2%
CVE-2019-0231 HIGH PATCH This Week

Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apache Mina
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2019-17069 HIGH This Week

PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free Memory Corruption Putty Leap +1
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2019-17068 HIGH This Week

PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Putty Leap
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-15042 HIGH This Week

An issue was discovered in JetBrains TeamCity 2018.2.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2019-15038 HIGH This Week

An issue was discovered in JetBrains TeamCity 2018.2.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-10435 HIGH This Week

Jenkins SourceGear Vault Plugin transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Hashicorp Sourcegear Vault
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2019-10434 HIGH This Week

Jenkins LDAP Email Plugin transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Ldap Email
NVD
CVSS 3.1
7.5
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy